Reactive Interaction Gateway

Reactive Interaction Gateway

  • User Documentation
  • Source Documentation
  • GitHub

›Main Concepts

Getting Started

  • Intro
  • Tutorial
  • Examples
  • FAQ

Main Concepts

  • Architecture
  • Features
  • Event Format
  • Publishing Events
  • Receiving Events
  • Forwarding Requests
  • User Authorization
  • Distributed Tracing

Advanced Guides

  • API Gateway Management
  • API Gateway Synchronization
  • Avro
  • JWT Blacklisting
  • Azure Event Hubs

RIG in Production

  • Operator's Guide
  • API Documentation
  • Phoenix LiveDashboard
  • Prometheus Metrics
  • HTTPS
  • Scaling

Hacking the Source

  • Developer's Guide

User Authorization

RIG supports the JSON Web Tokens (JWT) standard for authorizing users when forwarding HTTP requests, or when handling event subscription or submission requests.

Note that RIG does not do authentication - you will need to provide a service for that yourself. This means that RIG does not create any tokens on its own. Given a JWT, RIG only checks its validity, using a shared secret key or a public key, depending on the algorithm used. Please refer to the Operator's Guide for the corresponding configuration options.

Also note the following:

  • For incoming HTTP requests, JWT validation can be enabled on a per endpoint basis using the secured option.
  • Event subscriptions can be secured using JWT validation by setting SUBSCRIPTION_CHECK to jwt_validation.
  • Likewise, event submissions can be secured using JWT validation by setting SUBMISSION_CHECK to jwt_validation.

Again, refer to the Operator's Guide for details on those environment variables.

Key Length

For symmetric hashing (HS256, RS256), please make sure you are using keys of appropriate length, as described in the spec. For example, if you use HS256, your secret key should be at least 32 character (256 bit) in length.

Example

Example of a minimal JWT:

// Header:
{
  "alg": "HS256",
  "typ": "JWT"
}
// Payload:
{
  "exp": 99999999
}
← Forwarding RequestsDistributed Tracing →
  • Key Length
  • Example
Docs
IntroGetting Started
Community
User ShowcaseSlackStack Overflow@KevnBadr
More
Star RIG on GitHub
Copyright © 2021 Accenture